QUESTION 373A company has acquired a competitor whose network infrastructure uses only IPv6. An engineer must configure VPN access sourced from the new company. Which remote access VPN solution must be used?

A. GET VPNB. Any ConnectC. EzVPND. DMVPN

Answer: C

QUESTION 374Which way to send OSPF routing updates over a site-to-site IPsec tunnel is true?

A. Set the network type for the inside interface to nonbroadcast mode, and add the remote end as an OSPF neighbor.B. Set the network type for the outside interface to broadcast mode, and add the headend device as an OSPF neighbor.C. Set the network type for the DMZ interface to nonbroadcast mode, add the headend as an OSPF neighbor.D. Set the network type for the outside interface to nonbroadcast mode, and add the remote end as an OSPF neighbor.

Answer: D

QUESTION 375Which access lists are used in a typical IPsec VPN configuration?

A. ACL to NAT traffic across the VPN tunnelB. ACL to define policy based routingC. ACL to define what traffic to exempt from NATD. ACL for routing neighbors across the tunnel

Answer: C

QUESTION 376Which two parameters are specified in the isakmp (IKEv1) policy? (Choose two.)

A. the peerB. the hashing algorithmC. the session keyD. the authentication methodE. the transform-set

Answer: AD

QUESTION 377An engineer is assisting in the continued implementation of a VPN solution and discovers an NHRP server configuration. Which type of VPN solution has been implemented?

A. DM VPNB. IPsec VPNC. SSL VPND. GET VPN

Answer: A

QUESTION 378Which two options are purposes of the key server in Cisco IOS GETVPN? (Choose two.)

A. Lifetimes are misconfigured.B. SAKMP packets are blocked.C. NAT statements are missing.D. GRE is not working correctly.

Answer: B

QUESTION 380An engineer is configuring SSL VPN for remote access. A real-time application that is sensitive to packet delays will be used. Which feature should the engineer confirm is enabled to avoid latency and bandwidth problems associated with SSL connections?

A. Packets carry original source and destination IP addresses, which allows (or optimal routing of encrypted traffic.B. Group Domain of Interpretation protocol allows for homomorphic encryption, which allows group members to operate on messages without decrypting them.C. NETVPN is tunnel-less, which allows any group member to perform decryption and routing around network failures.D. Key servers perform encryption and decryption of all the data in the network, which allows for tight security policiesE. Traffic uses one VRF to encrypt data and a different one to decrypt data, which allows for multicast traffic isolation